Information transceived in a radio communication system can be protected using an encryption algorithm, whereby, only communication units that are provided with the encryption algorithm and associated encryption parameters may communicate securely. Such a system is commonly referred to as a secure radio communication system and is well known in the art. Similarly, secure radio trunking communication systems are also well known in the art and typically comprise a controller that is operably connected to a predetermined number of repeaters, providing communication channels to a plurality of secure communication units. Typically, one of the communication channels is used as a control channel while the other communication channels are used as working channels. The controller, upon receiving a request, allocates a working channel to the secure communication unit, via the control channel. To ensure information in such systems is communicated securely, the information on the working channels and the control channel may be protected with encryption. For example, protecting information on the control channel ensures that the system is protected from malicious parties copying and replaying the control information on the control channel. In a secure radio trunking system, the controller maintains secure information that includes control encryption information (CEI) and control encryption parameters (CEP) to encrypt/decrypt information on the control channel, and working encryption parameters to encrypt/decrypt information on the working channels. The CEP may include components that change with time and the controller maintains the CEP to reflect these changes. In normal operation, when a secure communication unit comes on the system, the controller provides the secure communication unit with the CEI and CEP which is subsequently stored in an internal memory device. In order to communicate securely on the control channel, the stored CEP should be substantially similar to the CEP at the controller. Since the CEP at the controller changes, the controller periodically updates the stored CEP by transmitting the CEP, on the control channel, hence, maintaining synchronization between the CEP at the controller and the stored CEP. While on the control channel, the secure communication unit continues to receive the periodic updates, however, when the controller assigns the secure communication unit to a working channel, the secure communication unit is no longer able to receive the periodic updates. As a result, upon returning to the control channel the stored CEP may not be synchronized with the CEP at the controller and the secure communication unit may not be able to communicate securely. In order to restore secure communication capability, the controller has to re-transmit the CEI and CEP to the secure communication unit on the control channel. This retransmission takes up a significant period of time and prevents the control channel from servicing other secure communication units, thus, reducing the efficiency of the secure communication system. This situation is further compounded when a large number of secure communication units are operating on the system.
Alternatively, the secure communication unit is provided with an internal mechanism that uses the resources of the secure communication unit to independently maintain synchronization of the stored CEP when the secure communication unit is away from the control channel. The changes in the CEP at the controller are time variant according to a predetermined encryption algorithm, however, due to the limited resources available in the secure communication unit relative to the controller, the internal mechanism is not able to maintain synchronization of the stored CEP, according to the predetermined encryption algorithm at the controller, for an extended period of time. Hence, when the secure communication unit returns to the control channel after being away on a working channel for at least the extended period of time, the stored CEP may no longer be synchronized with the CEP at the controller. As a result, the secure communication unit is not able to communicate securely on the control channel. In order to restore secure communication capability on the control channel to the secure communication unit, the controller has to re-transmit the CEI and CEP to the secure communication unit on the control channel, reducing the efficiency of the secure radio communication system, as already described above. Another limitation of this method is the added complexity of designing the secure communication unit with the internal mechanism requiring a longer design period. Yet another limitation of this method is the amount of resources of the secure communication unit, such as power, that are utilized to support the internal mechanism. Use of these limited resources could affect performance parameters, such as battery life, of the secure communication unit.
Therefore, a need exists for a method of maintaining secure information synchronization on a control channel that will not reduce the efficiency of a secure radio communication system, and have minimal impact on the design and resources of a secure communication unit.